What's the issue?

This puts older projects in an awkward position.
Rails 2 is a stable and productive platform, but
given recent security incidents
leaving an unpatched Rails application in the wild is out of the question.
An upgrade to a recent Rails version would be required in order to receive future security patches.
Unfortunately, many API changes can make an upgrade very expensive.

With Rails LTS we want to offer a solution for Rails 2.3 projects that you can't or don't want to upgrade.
Use Rails LTS either as a long-term solution or to provide you with more time for upgrading.

Compatibility

Rails LTS was conceived as a drop-in replacement
and should require little to no changes in your application.
See detailed system requirements.

What do I get in LTS?

When a new advisory is posted to the official Rails security list
we check if the vulnerability is applicable to Rails 2.3 applications. If so,
we will patch the vulnerability in Rails LTS and release a new version of the Rails LTS gems.

As a subscriber to the Rails LTS service you will receive an e-mail as soon as new versions of
the gems are released. You can then secure your application with a
single command.

Why we can deliver

We are makandra, a 14-person Rails development shop responsible for
maintaining ca. 50 Rails applications written in various versions of
Rails.
In order to shield our customers from disclosed exploits, we have been maintaining
private forks of older Rails versions for quite some time already.

For Rails LTS we have cleaned up our private fork so other teams can benefit from our work.

Plans and pricing

Most of our plans come at a monthly fee, which we use to fund continued development of Rails LTS.
We also offer a free community edition with delayed patch availability and no service level agreements.

We will start working on patches on the next business day after a vulnerability was disclosed through the
Rails security list.
Severe security issues like the remote code exploits in early 2013 will be processed with more urgency.

²

Coherent services that are comprised of multiple Rails applications still count as a single
application for the purpose of Rails LTS licensing. E.g. if distinct Rails applications are used
for the frontend and backend of the same site, this counts as a single application. Also if you operate
multiple staging and production instances for the same site, this counts as a single application.

³

You may use Rails LTS for all Rails applications that are actively
maintained by your organisation.

Service levels

Paid Rails LTS plans include service levels depending on the type of security issue:

Low-priority issues:
Patches will be backported beginning on the first business day (in Germany) after announcement to
the Rails security list.

Highest-priority issues:
We will begin investigating the issue within 24 hours and shall produce a new release of Rails LTS
as soon as commercially feasible.

Whether or not an issue qualifies as a "highest-priority issue" will
be decided by us (makandra GmbH) on a case-by-case basis.

Free community plan

Patches will be made available to community subscribers 10 days after they have been released
to paid subscribers.

How we count applications

Some plans allow you to use Rails LTS for an limited number of applications.

Coherent services that are comprised of multiple Rails applications count as a single
application for the purpose of Rails LTS licensing. E.g. if distinct Rails applications are used
for the frontend and backend of the same site, this counts as a single application. Also if you operate
multiple staging and production instances for the same site, this counts as a single application.

Applications that are used to service distinct sites or clients are counted as separate applications.

Support for integration

Upcoming Rails 3.2 support

According to the
official Rails maintenance policy
Rails 3.2 still receives limited support for very severe vulnerabilities.
When Rails 5 is released in 2015, support for Rails 3.2 will end completely.

We plan to support Rails 3.2 when official maintenance ends.
Our plan is to create a stable customer base to fund long-term maintenance of Rails 3.2.
We already found an enterprise customer who allowed us to start working on this version.

Rails 3.2 support will be available to all Rails LTS customers on a Startup, Standard or Enterprise plan.

If your business is interested in commercial support for Ruby on Rails 3.2,
please send an e-mail info@railslts.com.

Privacy Policy

makandra appreciates your interest in our railslts.com website. Protecting the privacy of our customers is very important to us.
The following data privacy policy applies to all information that you provide on this railslts.com website.

1. General Information

By accepting this data privacy policy, you expressly allow makandra to process your data in accordance with this data privacy policy. This privacy policy describes how we collect and use this information. makandra uses your data in strict accordance with the data protection regulations.

We will not sell or rent your personal information to third parties for their marketing purposes under any circumstances. If you do not agree with the terms of the data privacy policy, please do not fill out the contact form on our site.

Links to third-party websites

Some sections of our website contain links to third-party websites. These pages are subject to their own data privacy policies. makandra is not responsible for their operation, including data handling. Users who send information to or through such sites of third-party providers should check the data privacy policy of these sites before providing information to them.

2. Collected Information

Required Information

The use of our website railslts.com is usually possible without providing personal information.
To use our contact form, you must specify your e-mail address among other information. We will use this personal information provided by you solely to contact you and to improve our rails lts product.

Technical safety

The server on which makandra is operated is located in the secured data center of an Internet service provider resident in the Federal Republic of Germany, and it is secured against unauthorized access. Only authorized employees of makandra and of the responsible Internet service provider, who are obliged to maintain confidentiality and data secrecy, have access to the data processing systems.

3. Right of access

According to the Federal Data Protection Act, you have the right to gratuitous information about your stored data, as well as, where appropriate, the right to correct, block or delete such data.

4. Website Tracking

To make our website more attractive and to establish the use of certain functions for you we use cookies on some pages of our website. These are small text files that are stored locally in the cache of your computer's Internet browser. Cookies, therefore, enable the recognition of the Internet browser on your next visit to our site, making our offering even more user-friendly, more effective, but also more secure. However, you have the option of setting your browser to reject cookies or set to be notified of them beforehand. In addition, you can delete cookies at any time on your system. Please use the help function integrated into your browser for more information on this topic.

Google Analytics, a Web analysis service of Google, Inc. ("Google"), is used by makandra for evaluation and to support online marketing activities. Google Analytics uses cookies, which are text files stored on your computer and which allow an analysis of your use of the website. The information generated by the cookie about your use of this website is generally transferred to a Google server in the USA and stored there. This website uses IP anonymization. Your IP address is reduced by Google basically within the Member States of the European Union or in other States of the European Economic Area. The full IP address is sent to a Google server in the USA and reduced there only in exceptional cases.

On behalf of makandra, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide further services related to website and Internet usage to makandra. The IP address that your browser transmits within the scope of Google Analytics will not be associated with any other data by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link:
http://tools.google.com/dlpage/gaoptout?hl=en

5. Contact person for data protection

For questions about collection, processing or use of your personal data in the event of informaiton provisions, reporting, blocking or deletion of data as well as recall of granted licenses, please contact: info@makandra.com